I am looking for...
- A spider/automated
- Will find all input fields and queryStrings, then insert potential XSS discoveries
- Reports any XSS vulnerabilities found
I am looking for...
Post on reddit "I finished securing my site and making it hacker-proof" with a link to it.
You may want to check out nessus.
http://www.nessus.org/plugins/index.php?view=all&family=CGI+abuses+%3A+XSS
I haven't used them for xss, yet. But for other things I've been pretty happy, and it is is free.
Open source free one my me (as a bookmarklet):- http://www.thespanner.co.uk/2009/03/25/xss-rays/
Try Burp Proxy I used the free with some features. For input fields you can try Firefox plugin XssMe and SOQL Inject Me. I covered all of those in this post : http://www.tgerm.com/2009/02/xss-testing-acceptance-tools-software.html